similar to: kerberos5 / gssapi support in mount.cifs?

The functionality added in changeset 818a638fa9a3 has a bug for x86_64 on line 103. The src/auth/mech-gssapi.c file must now include stdlib.h to have the declaration for getenv(). Otherwise, the compiler uses the implicit return type (int), which truncates the 8-byte pointer getenv() returns to a 4-byte value. This causes a segfault on subsequent reads. Here is debugger output illustrating the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, as the subject says, I've problems reading the permissions of a file/folder beeing located on my Samba server with the Windows-Explorer. To solve the problem, I've read through log.smbd and found that introducion error: "error packet at smbd/nttrans.c(86) cmd=160 (SMBnttrans) NT_STATUS_BUFFER_TOO_SMALL" followed by various

I have FreeBSD-6.1 and it appears the default installation has a full complement of Kerberos5. But, /usr/src/kerberos5/README states: This subtree is world-exportable, as it does not contain any cryptographic code. At the time of writing, it did not even contain source code, only Makefiles and headers. Please maintain this "exportable" status quo. Thanks!

Hello all, I'm not able to get Kerberos5 authenticarion work together with PrivSep. According to strace, it seems that the kerberos authentication stage is performed by the user process in chrooted enviroment. The problem is that Kerberos authentication must be done by root. Is anybody working on a fix? (or am I missing something in configuration?) Thanks for any advice. -- Dan

http://bugzilla.mindrot.org/show_bug.cgi?id=1078 Summary: passing --without-kerberos5 still checks for some kerberos support Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo:

Hi everyone! I've googled alot for this, and found *some* people with similar questions, but there was no answer if this is a bug in samba, a misconfiguration, or what? I have a win2000 active directory Server (wurzel.baum.local), a samba 2.2.3a on debian stable/woody (stamm.baum.local), security = user, a samba 3.0.1 on debian testing/Sarge (blatt1.baum.local) and a windowsxp machine joined

Hi all, I have a debian linux lenny 5.0 server with samba (version 3.2.5-4lenny14) on it. I want to create a cifs share which uses Active Directory authentication. In all howto's i read that i need kerberos5 to do this, so I installed krb5-user, krb5-config and libkrb53. I edited /etc/krb5.conf to my domain etc. Everything works like it should. BUT i noticed a file in

Hello freebsd-security! What is the best way to authenticate remote ssh users transparantly without typing the kinit and kdestroy commands? Using pam_krb5 works satisfactorily for local logins but makes it crooked for remote ssh ones. The comp.protocols.kerberos and comp.security.ssh newsgroups and the pam-krb5-users maillist confirm this assertion. As far as I understood that using kerberized

The openssh-3.0 announcement said: (...) 3) improved Kerberos support in protocol v1 (KerbIV and KerbV) (...) This seems to imply at least some krb5 support, but there is nothing new in ./configure --help about it. Grepping the source, I see many references to #ifdef KRB5. Trying to enable it manually (a #define in config.h) gives errors about a missing krb5_auth_con_setaddrs_from_fd, which I

I can't seem to login with only a TGS? (i.e. no password) Do I need another patch to have that part work? Password auth seems to be working against the KDC just fine. TIA. -- Austin Gonyou Systems Architect, CCNA Coremetrics, Inc. Phone: 512-698-7250 email: austin at coremetrics.com "One ought never to turn one's back on a threatened danger and try to run away from it. If you do

I've been installing OpenSSH 2.9p2 onto several RedHat Linux machines, after compiling in the GSSAPI/Kerberos5 patch from here: http://www.sxw.org.uk/computing/patches/openssh.html I've been using ssh both to let users in via passwords and Kerberos tickets, and both have been working fine... except for one irritating machine, which (for no good reason I can see) fails when using kerberos

Dear All, this i feel is a little out of topic but really apprecite if someone can help i am tryin to authenicate my Centos 5.2 box to windows 2003 ADS server .. but am not able to do so . i get the following error when i run kinit kinit(v5): Improper format of Kerberos configuration file while initializing Kerberos 5 library i have the following packages installed on my linux box [root at

Hello, I have two issues with Kerberos administration using Samba and this results from my lack of familiarity with it. I am hoping someone can point me in the right direction. The first issue is with automatically renewing the Kerberos tickets. The second issue deals with my having to authenticate each time I attempt to join an AD domain. The Samba documentation indicates that I should *not*

AArch64AddressTypePromotion.cpp does a fair bit of work to help make these things work out well. It could probably be generalized for non-AArch64 targets as per the comment in the file header. > On Jun 26, 2014, at 10:42 AM, Sanjay Patel <spatel at rotateright.com> wrote: > > Cool HW trick. :) > Are those 'sxtw' ops free? > That’ll depend on the details of the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I think I found a mistake in the postfix file in /etc/logcheck/ignore.d.server. There is one equal sign to much in this line: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:alnum:]]+: client=[^[:space:]]+, sasl_method=[[:alnum:]]+, sasl_username==[-_.@[:alnum:]]+$ I think it should be: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+

Hi *, to decide in which namespace tablegen should place the instruction-enum, tablegen iterates over CodeGenTarget instructions until it finds an Instruction with a namespace other than "TargetInstInfo".. but this is wrong, as internal Instructions now use "TargetOpcode" as Namespace.. As Instructions are a map, it is only by chance which is the first instruction it finds -

All, If we can speculatively execute a load instruction, why isn’t it safe to hoist it out by promoting it to a scalar in LICM pass? There is a comment in LICM pass that if a load/store is conditional then it is not safe because it would break the LLVM concurrency model (See commit 73bfa4a). It has an IR test for checking this in test/Transforms/LICM/scalar-promote-memmodel.ll However, I have

I'm trying to get gssapi-with-mic to work but the enabled field in the method struct is disabled I.e. The gssapi-with-mic enable field s not enabled in in the *method struct; it fails at: if (authmethod_is_enabled(method)) in the authmethod_is_enabled(method) function call using ddd , OpenSSH 5.2.p1, Linux 2.6.22.5-31 (SuSE 10.2) Questiion - what enables gssapi-with-mic? Thanks tedc

I think gcc is right. It inserted a branch for n == 0 (the cbz at the top), so that's not a problem. In all other regards, this is safe: if you examine the sequence of loads and stores, it eliminated all but the first load and all but the last store. How's that unsafe? If I had to guess, the bug here is that LLVM doesn't want to hoist the load over the condition (which it is right

Hi, i had the same troubles on Vista and on Win7... cmake fails on some tests (you should see this in the log) due to m$ UAC (or whatever the name is) and uses not-so-sane default values. You have to start a visual c-command prompt (to make sure it gets the right paths) with administrator privileges (!) , than cmake works fine and you get a correct config.h. best regards, Thomas 2010/1/22